Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Corrine

Pages: [1] 2 3 ... 817
1
Web News / Re: Fake members?
« on: Today at 02:56:56 PM »
We've been lucky here and haven't had that kind of nonsense.  We do have a Stop Forum Spam add-on which checks username, IP address and email address for spam.  Although there was one false/positive recently that was fixed, it has been a good tool.  At SNF (Scot's Newsletter Forum), all new members are carefully vetted.

2
Quote
I haven't had any issues again.
Great news but lets do one final check with an ESET online scan.

Please do a scan with ESET Online Scanner

Download ESET Online Scanner and save it to your desktop.
  • Right-click on esetonlinescanner_enu.exe and select Run as Administrator.
  • Click on Get Started.
  • Another window will appear - select Get Started. Select whether you would like to send anonymous data to ESET.
  • Click on the Full Scan option.
  • Click on the option to Enable ESET to detect and remove potentially unwanted applications, and select Start scan.
  • ESET will now begin scanning your computer. This may take some time.
  • When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop with a name like ESETlog.txt. Click on Continue.
  • ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.
  • On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
  • On your desktop, a file will be created called ESETlog.txt. Open it, then copy and paste its contents into your next reply.

3
Hi, Lisa.

First to explain what is in the log:

The top group of findings by AdwCleaner are PUPs which stands for Potentionally Unwanted Programs.  In the instructions below, I will list them all to be removed.

The section at the bottom under "Preinstalled Software" is software that was apparently installed when the device was new.  Note, for example "Dell Power Manager" and Dell Support Agent Assistant, which you may or may not use.  The non-Dell items, however, I've never seen before.  Rivet Networks creates networking software and Smartbyte is apparently software developed by Rivet Networks.  Feel free to keep or remove the "Preinstalled Software".

To proceed, please do the following:
  • Double click AdwCleaner.exe to run it.
  • Click Scan Now
  • When the scan has finished a Scan Results window will open.
  • Please check the following boxes and then click Quarantine
Quote
PUP.Optional.EasySpeedCheck     HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\easyspeedtest.co
PUP.Optional.EasySpeedCheck     HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\heasyspeedtest.co
PUP.Optional.EasySpeedCheck     HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\results.heasyspeedtest.co
PUP.Optional.EasySpeedCheck     HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\easyspeedtest.co
PUP.Optional.EasySpeedCheck     HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\heasyspeedtest.co
PUP.Optional.EasySpeedCheck     HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\results.heasyspeedtest.co
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\openspeedtest.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.yourtango.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\yourtango.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\openspeedtest.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.yourtango.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\yourtango.com
PUP.Optional.TheBrightTag       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\s.thebrighttag.com
PUP.Optional.TheBrightTag       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\thebrighttag.com
PUP.Optional.TheBrightTag       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\s.thebrighttag.com
PUP.Optional.TheBrightTag       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\thebrighttag.com
    • Click Next
    • If any pre-installed software was found on your machine, a prompt window will open ...
      • Check any pre-installed software items you want to remove.  It is your PC so if you wish to keep them, feel free to do so.  However, if you use them or are unsure, feel free to NOT select any of them.
      • Click Quarantine
    • A prompt to save your work will appear ...
      • Click Continue when you're ready to proceed.
    • A prompt to restart your computer will appear ...
      • Click Restart Now
    • Once your computer has restarted ...
      • If it doesn't open automatically, please start ADWCleaner ...
      • Click the Log Files tab ...
      • Double click on the latest Clean log (Clean logs have a [C0*] suffix, where * is replaced by a number, the latest scan will have the largest number)
      • A Notepad file will open containing the results of the removal.
      • Please post the contents of the file in your next reply.

4
Sorry, Lisa.  I was having problems with the PC that has the various instructions on it and posted an old link.

Thanks DR M and winchester73 for providing the correct information!

5
Dev channel update to 82.0.425.3 is live.

This is the first Dev channel build for major version 82.  See the link for links to blog posts about some of the improvements being worked on.  In addition to changes and fixes, the build includes one new added feature:
  • Added a management policy to allow the deletion of browsing data from Edge Legacy when it’s replaced by the installation of Edge’s Stable channel.

6
Hi, Lisa.  Goo work!

Going back to your original post, what you reported about Facebook was most likely another of the types of things that can happen on FB -- cloned accounts, messenger scams and others, including a few of the most recent: Fake Profile Scam, Fake Ads Scam, Free Money Scam and more.  As far as I'm concerned the only thing that makes Facebook usable is F.B. Purity - Clean up and Customize Facebook.  It is available in the Microsoft Store for Microsoft Edge.  Just search for F.B. (FluffBusting)Purity.

As to the odd texts on your phone, can you block the number sending the text, report to your mobile carrier?  Even though I am on the "Do Not Call List", I still get random calls from unknown numbers.  If the number isn't in my contact list, I don't answer it.

Back to your PC, let's do a double-check for any other adware:

Download AdwCleaner and save it to your desktop.
  • Right-click AdwCleaner.exe and select Run as Administrator.
  • Read and accept the End User License Agreement.
  • Press the Scan Now button and wait for it to complete.
  • A window titled Scan Results will open.
  • Select Cancel.
  • Click the Log Files button on the left pane.
  • Doubleclick the newest log file to open it in Notepad. (AdwCleaner[Sxx].txt, where x is replaced by a number)
  • Copy and paste the contents of the scan log to your next reply.

Note: the AdwCleaner log is also saved to C:\AdwCleaner\Logs\AdwCleaner[Sxx].txt

7
Windows Insider Preview Build 19569 Released to Fast Ring:  Announcing Windows 10 Insider Preview Build 19569.

Aside from rolling out some of the new icons, the build contains a list of fixes.

8
Hi, Lisa.

Regarding the 403 Forbidden error, make sure you're not using an old bookmark to access the site that has HTTP instead of HTTPS.  As to what Malwarebytes quarantined, they were apparently a "Potentially unwanted program" and a "Potentially unwanted modification". 

Please do the following to run FRST:

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
  • Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines.  Right-click and select "Copy ".
Code: [Select]
Start::
CreateRestorePoint:
CloseProcesses:
CHR Notifications: Default -> hxxps://www.sephora.com
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ShortcutWithArgument: C:\Users\Angel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
AlternateDataStreams: C:\Users\Angel\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [130]
AlternateDataStreams: C:\Users\Angel\OneDrive\Documents\Arrow Material Services:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Angel\OneDrive\Documents\Bank of America _ Online Banking _credit-print-claim-page_files:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Angel\OneDrive\Documents\Bankruptcy:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Angel\OneDrive\Documents\CyberLink:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Angel\OneDrive\Documents\HpReg_Backup:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Angel\OneDrive\Documents\Sound recordings:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Angel\OneDrive\Documents\Taxes:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Angel\OneDrive\Documents\Uber:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Angel\OneDrive\Documents\Vehicle Registration:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
FirewallRules: [{DA610BCD-FFC3-46D8-8438-68AAD19F88ED}] => (Allow) C:\Users\Angel\AppData\Local\Temp\7zS4A33\HPDiagnosticCoreUI.exe No File
FirewallRules: [{64C04EF1-78CC-48CB-9A7C-3E8BE3C14789}] => (Allow) C:\Users\Angel\AppData\Local\Temp\7zS4A33\HPDiagnosticCoreUI.exe No File
FirewallRules: [{CD97D817-671B-40A7-B39C-86AC49D80456}] => (Allow) C:\Users\Angel\AppData\Local\Temp\7zS4E37\HPDiagnosticCoreUI.exe No File
FirewallRules: [{718B2E3B-97C6-4581-9470-DB80E717A512}] => (Allow) C:\Users\Angel\AppData\Local\Temp\7zS4E37\HPDiagnosticCoreUI.exe No File
FirewallRules: [{B9B3AF56-7243-4BC0-9294-DE2D72939686}] => (Allow) C:\Users\Angel\AppData\Local\Temp\7zS1358\HPDiagnosticCoreUI.exe No File
FirewallRules: [{FE291625-7409-412B-A604-49E0FE1B3A6F}] => (Allow) C:\Users\Angel\AppData\Local\Temp\7zS1358\HPDiagnosticCoreUI.exe No File
FirewallRules: [{124AB296-20D1-4756-842E-1504DAA8AA3A}] => (Allow) C:\Users\Angel\AppData\Local\Temp\7zS4FD2\HPDiagnosticCoreUI.exe No File
FirewallRules: [{CC0CDA9C-EDA5-48D4-895E-4E5AD17D1355}] => (Allow) C:\Users\Angel\AppData\Local\Temp\7zS4FD2\HPDiagnosticCoreUI.exe No File
FirewallRules: [{376D10C9-1805-4994-81A7-90E59034B901}] => (Allow) C:\Users\Angel\AppData\Local\Temp\7zS2B48\HPDiagnosticCoreUI.exe No File
FirewallRules: [{DBEA3E0E-9AAB-42EB-8E0D-BD8E269C612D}] => (Allow) C:\Users\Angel\AppData\Local\Temp\7zS2B48\HPDiagnosticCoreUI.exe No File
EmptyTemp:
End::
  • Please right-click on FRST/FRST64 to run as administrator.  When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST/FRST64.exe
  • Please post the log in your next reply.

9
Hi, Lisa. 

You'd be surprised how efficient spammers.  I actually received two phishing emails a week after paying Amazon Prime that the payment was declined.  The Amazon logo was there and the sender showed as Customer Service and the email address actually included no-replyamazon with a lot of gobbledegook following with @ something.space, definitely not amazon.com. 

I suggest you change your TurboTax password before doing anything else.

Let's start with a Malwarebytes scan. 

Please download Malwarebytes to your desktop.
  • Right-click on the Malwarebytes icon and select Run as Administrator. Follow the on-screen prompts to install Malwarebytes Anti-Malware.
  • Once the installation has finished, launch Malwarebytes.
  • Click on Scan Now and wait for the scan to complete.
  • Malwarebytes will update its databases, then start scanning.
  • If no threats are found, close the Malwarebytes window. If threats are detected, make sure they are all selected and click Quarantine selected.
  • Click on Reports in the left pane, and check the box next to the latest report (at the top). Click on View Report.
  • Select Export in the bottom left corner, and click Text File. Save the file to your desktop, with a name like MBAMLog.txt.
  • Open the Malwarebytes log on your desktop, and copy and paste its contents into your next reply.

10
No announcement but a small update to Build 81.0.416.11 has been released.

11
It doesn't have anything to do with different operating systems.  Rather, current versions of Firefox use WebExtensions and Pale Moon did not go that route.  Using Pale Moon means that I can continue using legacy extensions that are no longer supported by Firefox but are long-time favorites and make posts on forums so much easier.  With Colt, for example, I can select text and right-click and use the option to copy text and location as BBCode, saving having to manually format.

12
Mozilla sent Firefox Version 73.0.1 to the release channel today with a number of fixes.  Firefox ESR Version remains at Version 68.5.

Release Notes

13
Pale Moon has been updated to version 28.8.3 as a bugfix and security update.

The update includes two DiD ("Defense-in-Depth") updates. A DiD update is s a fix that does not apply to a (potentially) actively exploitable vulnerability in Pale Moon, but prevents future vulnerabilities caused by the same code, e.g. when surrounding code changes, exposing the problem, or when new attack vectors are discovered.

Release Notes

14
LandzDown Lounge / Re: I would like to say a few words about Corrine...
« on: February 18, 2020, 01:05:17 AM »
Yes, I'm still here as are so many of our other FL friends.  It is good to see you.  Stop in any time.

15
techie, Firefox didn't use the uBlock Origin Updater.  Rather, it had been needed only for Firefox legacy-based browsers.

Pages: [1] 2 3 ... 817